[cgiapp] RFC: patch to CAP::Authorization to do redirects like CAP::Authentication

Thu, 12 Oct 2006 13:00:43 -0700 

Have been adding support in my own apps for CAP::Authorization, but found that 
it didn't perform redirects the same way that CAP::Authentication did.  I 
wanted to be able to set things up so that I could have entire Apps that 
require a specific type of authorization like:

  sub cgiapp_prerun {
      my $self = shift;
      unless ($self->authz->authorize('admin')) {
          return $self->authz->forbidden();
      }
  }

and have CAP::Authorization "do the right thing" with regards to whether it 
did a redirect to an external URL or to an internal run-mode.

I've hacked together a patch against CAP-Authorization 0.05 that makes it 
function like this, which I've attached to this message.

Comments?

-- 
Graham TerMarsch
Howling Frog Internet Development, Inc.

--- Authorization.pm.orig	2006-10-12 12:49:23.055854364 -0700
+++ Authorization.pm	2006-10-12 12:52:47.686480089 -0700
@@ -483,6 +483,7 @@
 sub setup_runmodes {
     my $self   = shift;
     $self->run_modes( authz_forbidden => \&authz_forbidden, );
+    $self->run_modes( authz_dummy_redirect => \&authz_dummy_redirect );
     return;
 }
 
@@ -515,16 +516,15 @@
     my $config = $self->_config;
 
     if ( $config->{FORBIDDEN_RUNMODE} ) {
-        my $runmode = $config->{FORBIDDEN_RUNMODE};
-        return $cgiapp->$runmode();
+        $cgiapp->prerun_mode($config->{FORBIDDEN_RUNMODE});
     }
     elsif ( $config->{FORBIDDEN_URL} ) {
         $cgiapp->header_add( -location => $config->{FORBIDDEN_URL} );
         $cgiapp->header_type('redirect');
-        return;
+        $cgiapp->prerun_mode('authz_dummy_redirect');
     }
     else {
-        return authz_forbidden( $self->cgiapp );
+        $cgiapp->prerun_mode('authz_forbidden');
     }
 }
 
@@ -555,6 +555,17 @@
     return $html;
 }
 
+=head2 authz_dummy_redirect
+
+This runmode is provided for convenience when an external redirect needs
+to be done.  It just returns an empty string.
+
+=cut
+
+sub authz_dummy_redirect {
+    return '';
+}
+
 ###
 ### Helper methods
 ###


---------------------------------------------------------------------
Web Archive:  http://www.mail-archive.com/[email protected]/
              http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to